package com.qg.shiro;

import com.qg.entity.Permission;
import com.qg.entity.Role;
import com.qg.entity.User;
import com.qg.mapper.UserMapper ;
import com.qg.service.UserService;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.*;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.crypto.hash.SimpleHash;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.util.ByteSource;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;

import java.util.HashSet;
import java.util.Set;

/**
 * Created with IntelliJ IDEA
 *
 * @Author yuanhaoyue swithaoy@gmail.com
 * @Description 自定义 Realm
 * @Date 2018-03-25
 * @Time 21:46
 */
@Component
public class CustomRealm extends AuthorizingRealm {
    @Autowired
    private UserService userService;
    /**
     *身份认证
     */
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
        /*SimpleAuthenticationInfo info=null;
        //将token转换成UsernamePasswordToken
        UsernamePasswordToken upToken = (UsernamePasswordToken) authenticationToken;
        //从转换后的token中获取用户名
        String username= upToken.getUsername();
        //查询数据库，得到用户
        User user=userMapper.findByName(username);
        if(user==null){
            return null;
        }
        //得到加密密码的盐值
        ByteSource salt = ByteSource.Util.bytes(user.getSalt());
        info = new SimpleAuthenticationInfo(
                user, //用户名
                user.getPassword(), //密码
                salt, //加密的盐值
                getName()  //realm name
        );*/
        System.out.println("执行认证逻辑");
        /*//模拟数据库
        String name = "zpj";
        String password = "123456";*/

        UsernamePasswordToken token = (UsernamePasswordToken)authenticationToken;
        User user = userService.findByName(token.getUsername());
        if(user==null){
            return null;
        }
        //System.out.println(user);
        //ByteSource salt = ByteSource.Util.bytes(name);
        //return new SimpleAuthenticationInfo("",user.getPassword(),"");

        String hashAlgorithmName = "MD5";
        String credentials = user.getPassword();
        int hashIterations = 2;
        //ByteSource credentialsSalt = ByteSource.Util.bytes("user");
        ByteSource credentialsSalt = ByteSource.Util.bytes(user.getSalt());
        Object obj = new SimpleHash(hashAlgorithmName, credentials, credentialsSalt, hashIterations);

        //ByteSource credentialsSalt = ByteSource.Util.bytes(user.getUsername());
        return new SimpleAuthenticationInfo(user,obj, credentialsSalt, getName());

    }

    /**
     * 授权认证
     */
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        /*SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();
        User user=(User) principalCollection.getPrimaryPrincipal();
        *//*
        此步需要根据用户信息查询数据库中的role和permission---->>>??????
         *//*
        for(Role role:user.getRoles()){
            authorizationInfo.addRole(role.getRole());
            for(Permission permission:role.getPermissions()){
                authorizationInfo.addStringPermission(permission.getPermission());
            }
        }
        return authorizationInfo;*/

        System.out.println("执行授权逻辑");

        //给资源进行授权
        SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
        //添加资源的授权字符串
        //info.addStringPermission("user:add");
        Subject subject = SecurityUtils.getSubject();
        User user = (User)subject.getPrincipal();
        User dbuser = userService.findUserById(user.getId());

        info.addStringPermission(dbuser.getExtend1());

        return info;
    }
}
